LXC container on Centos

LXC isn’t a real Virtualization technique, but is more like a chroot environment, but on “steroids”. Its similar to OpenVZ virtualization, but can use your native kernel version. In some cases its very important.

mkdir /var/lib/libvirt/lxc/centos-6-x86_64/etc/yum.repos.d/ -p  
cat /etc/yum.repos.d/CentOS-Base.repo |sed s/'$releasever'/6/g > /var/lib/libvirt/lxc/centos-6-x86_64/etc/yum.repos.d/CentOS-Base.repo
yum groupinstall core --installroot=/var/lib/libvirt/lxc/centos-6-x86_64/ --nogpgcheck -y
yum install plymouth libselinux-python --installroot=/var/lib/libvirt/lxc/centos-6-x86_64/ --nogpgcheck -y

You should crate selinux rule:

module lxc 1.0;

require {
type hald_t;
type virtd_lxc_t;
class dbus send_msg;
}

#============= hald_t ==============
allow hald_t virtd_lxc_t:dbus send_msg;

You should create manually your selinux rule to allow virtd_lxc_t to use dbus daemon. How crate custom selinux rules, you can check in other my article there.

chroot /var/lib/libvirt/lxc/centos-6-x86_64/ 

echo your_password_there |passwd root --stdin

#Fix root login on console

echo "pts/0" >>/etc/securetty

sed -i s/"session    required     pam_selinux.so close"/"#session    required     pam_selinux.so close"/g /etc/pam.d/login

sed -i s/"session    required     pam_selinux.so open"/"#session    required     pam_selinux.so open"/g /etc/pam.d/login

sed -i s/"session    required     pam_loginuid.so"/"#session    required     pam_loginuid.so"/g /etc/pam.d/login

#Configuring basic networking

cat > /etc/sysconfig/network << EOF

NETWORKING=yes

HOSTNAME=lxc.linux4you.tk

EOF

cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF

DEVICE=eth0

BOOTPROTO=dhcp

ONBOOT=yes

EOF

#Enabling sshd

chkconfig sshd on

# Fixing root login for sshd

sed -i s/"session    required     pam_selinux.so close"/"#session    required     pam_selinux.so close"/g /etc/pam.d/sshd

sed -i s/"session    required     pam_loginuid.so"/"#session    required     pam_loginuid.so"/g /etc/pam.d/sshd

sed -i s/"session    required     pam_selinux.so open env_params"/"#session    required     pam_selinux.so open env_params"/g /etc/pam.d/sshd

# Leaving the chroot'ed filesystem

exit

virt-install --connect lxc:/// --name test --ram 512 --vcpu 1 --filesystem /var/lib/libvirt/lxc/centos-6-x86_64/,/ --noautoconsole

One thought on “LXC container on Centos”

Stephan Kerrhan August 4, 2014 at 1:19 pm

Here you can find instructions for Centos 7. The site is in German, but the tutorial is a good solution and works without problems.
https://der-linux-admin.de/2014/08/centos-7-centos-7-im-lxc-container/

Reply ↓

Server 24/7

I am Vitalijus Ryzakovas. This is my LINUX/UNIX blog.

LXC container on Centos

One thought on “LXC container on Centos”

Leave a Reply Cancel reply